Patch for LDAPS on GC
Stefan (metze) Metzmacher
metze at samba.org
Thu Jan 20 02:10:11 MST 2011
Hi William,
> Here is the patches to enable LDAPS on 3269 for global catalog. I have tested this as functional also.
Please squash them into one commit, it makes no sense to add broken patches
and directly fix them in the next commit.
Thanks.
metze
> From 9ec1f66b3c4d3c56964f83959b3b840e60b9ea50 Mon Sep 17 00:00:00 2001
> From: William Brown <william.e.brown at adelaide.edu.au>
> Date: Thu, 20 Jan 2011 11:41:01 +1030
> Subject: [PATCH 1/5] Added SSL global catalog
>
> ---
> source4/ldap_server/ldap_server.c | 18 ++++++++++++++++++
> 1 files changed, 18 insertions(+), 0 deletions(-)
>
> diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
> index 21030ba..a1d4653 100644
> --- a/source4/ldap_server/ldap_server.c
> +++ b/source4/ldap_server/ldap_server.c
> @@ -862,6 +862,24 @@ static NTSTATUS add_socket(struct task_server *task,
> }
> }
>
> + if (samba_is_gc(ldb)) {
> + if (tstream_tls_params_enabled(ldap_service->tls_params)) {
> + /* add ldaps server for the global catalog*/
> + port = 3269;
> + status = stream_setup_socket(task, task->event_ctx, lp_ctx,
> + model_ops,
> + &ldap_stream_nonpriv_ops,
> + "ipv4", address, &port,
> + lpcfg_socket_options(lp_ctx),
> + ldap_service);
> + if (!NT_STATUS_IS_OK(status)) {
> + DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
> + address, port, nt_errstr(status)));
> + return status;
> + }
> + }
> + }
> +
> /* And once we are bound, free the tempoary ldb, it will
> * connect again on each incoming LDAP connection */
> talloc_unlink(ldap_service, ldb);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110120/29fd37fd/attachment.pgp>
More information about the samba-technical
mailing list